{ config, lib, pkgs, ... }:
with lib;
with types;

{
  options.components.nixos.boot = {

    enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
    };

    kernelModules = mkOption {
      type = listOf str;
      default = [ ];
      description =
        "lspci -v will tell you which kernel module is used for the ethernet interface";
    };

    ssh = {

      enable = lib.mkOption {
        type = lib.types.bool;
        default = config.components.nixos.boot.enable;
      };


    };
  };

  config = mkMerge [

    # ssh part
    # --------
    (mkIf (config.components.nixos.boot.ssh.enable) {

      # boot
      boot.initrd.systemd.enable = true;
      boot.initrd.systemd.contents."/etc/hostname".text = "unlock.${config.networking.hostName}";

      # network
      boot.initrd.systemd.network.enable = true;
      boot.initrd.availableKernelModules = config.components.nixos.boot.kernelModules;

      # ssh
      boot.initrd.network.enable = true;
      boot.initrd.network.ssh = {
        enable = true;
        #authorizedKeys =     config.users.users.root.openssh.authorizedKeys.keys ;
        #authorizedKeyFiles = config.users.users.root.openssh.authorizedKeys.keyFiles;
        port = 2222;
        hostKeys = map ({ path, ... }: path) config.services.openssh.hostKeys;
      };


    })

  ];
}